Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-1750

EPSS 0.26% · P49
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-1750

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster. This was fixed in openshift/machine-config-operator 4.4.3, openshift/machine-config-operator 4.3.25, openshift/machine-config-operator 4.2.36.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat OpenShift Container Platform 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat OpenShift Container Platform是美国红帽(Red Hat)公司的一套可帮助企业在物理、虚拟和公共云基础架构之间开发、部署和管理现有基于容器的应用程序的应用平台。 Red Hat OpenShift Container Platform中存在资源管理错误漏洞。该漏洞源于网络系统或产品对系统资源(如内存、磁盘空间、文件等)的管理不当。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-machine-config-operator-container openshift/machine-config-operator 4.4.3, openshift/machine-config-operator 4.3.25, openshift/machine-config-operator 4.2.36 -

II. Public POCs for CVE-2020-1750

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-1750

登录查看更多情报信息。

Same Patch Batch · n/a · 2021-06-07 · 22 CVEs total

CVE-2021-233917.3 HIGHArbitrary File Write via Archive Extraction (Zip Slip)
CVE-2020-363846.1 MEDIUMPageLayer 跨站脚本漏洞
CVE-2020-363836.1 MEDIUMPageLayer 跨站脚本漏洞
CVE-2020-36385Linux kernel 资源管理错误漏洞
CVE-2021-3277Nagios XI代码问题漏洞
CVE-2020-268852sic 2sxc 跨站脚本漏洞
CVE-2021-28382Zoho ManageEngine Key Manager Plus 6001 跨站脚本漏洞
CVE-2021-33904Accela Civic Platform 跨站脚本漏洞
CVE-2020-1719Red Hat Wildfly 安全漏洞
CVE-2021-33896Dino 路径遍历漏洞
CVE-2020-18264Simple-Log 跨站请求伪造漏洞
CVE-2020-18265Simple-Log 跨站请求伪造漏洞
CVE-2020-18268Z-BlogPHP 输入验证错误漏洞
CVE-2019-25045Linux kernel 资源管理错误漏洞
CVE-2020-36387Linux kernel 资源管理错误漏洞
CVE-2020-36386Linux kernel 缓冲区错误漏洞
CVE-2018-25015Linux kernel 资源管理错误漏洞
CVE-2020-1690OpenStack 安全漏洞
CVE-2020-1742Kubernetes 安全漏洞
CVE-2020-25716Red Hat CloudForms 安全漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a
Same weakness: CWE-400

V. Comments for CVE-2020-1750

No comments yet

Leave a comment